P. Andriotis, T. Tryfonas, G. Oikonomou, C. Yildiz

Final Draft:
© ACM, 2013 This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proc. 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 13), (2013) 10.1145/2462096.2462098
Abstract:
Graphical passwords that allow a user to unlock a smartphone's screen are one of the Android operating system's features and many users prefer them instead of traditional text-based codes. A variety of attacks has been proposed against this mechanism, of which notable are methods that recover the lock patterns using the oily residues left on screens when people move their fingers to reproduce the unlock code. In this paper we present a pilot study on user habits when setting a pattern lock and on their perceptions regarding what constitutes a secure pattern. We use our survey's results to establish a scheme, which combines a behaviour-based attack and a physical attack on graphical lock screen methods, aiming to reduce the search space of possible combinations forming a pattern, to make it partially or fully retrievable.
Reference:
P. Andriotis, T. Tryfonas, G. Oikonomou, C. Yildiz, "A Pilot Study on the Security of Pattern Screen-Lock Methods and Soft Side Channel Attacks", in Proc. 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 13), pp. 1-6, 2013
Bibtex Entry:
@INPROCEEDINGS{Andriotis-2013-2-wisec,
	author = {Panagiotis Andriotis and Theo Tryfonas and George Oikonomou and Can Yildiz},
	title = {A Pilot Study on the Security of Pattern Screen-Lock Methods and Soft Side Channel Attacks},
	booktitle = {Proc. 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 13)},
	publisher = {acm},
	year = {2013},
	pages = {1--6},
	doi = {10.1145/2462096.2462098},
	url = {http://dl.acm.org/ft_gateway.cfm?id=2462098&ftid=1363542&dwn=1&CFID=209744513&CFTOKEN=67660194},
	gsid = {14861532957569792597},
	abstract = {Graphical passwords that allow a user to unlock a smartphone's screen are one of the Android operating system's features and many users prefer them instead of traditional text-based codes. A variety of attacks has been proposed against this mechanism, of which notable are methods that recover the lock patterns using the oily residues left on screens when people move their fingers to reproduce the unlock code. In this paper we present a pilot study on user habits when setting a pattern lock and on their perceptions regarding what constitutes a secure pattern. We use our survey's results to establish a scheme, which combines a behaviour-based attack and a physical attack on graphical lock screen methods, aiming to reduce the search space of possible combinations forming a pattern, to make it partially or fully retrievable.}
}
Powered by bibtexbrowser

A Pilot Study on the Security of Pattern Screen-Lock Methods and Soft Side Channel Attacks